Solved

Setting up a Domain controller to sync with an internet time source through Microsoft Proxy server 2004

Posted on 2006-10-26
10
430 Views
Last Modified: 2012-08-13
Hello,

I am in need of assistance with setting up a Domain Controller as a Reliable Time Source, but I'm not sure how to configure a Microsoft Proxy Server (2004) to allow the Domain Controller to get access to a time server with the NTP protocol.  Or, maybe it would be better if I setup the proxy server itself to pull time from the internet, and set one reliable time sourced domain controller to point to it.  I am currently testing TimeTools SNTP Time Client to possibly use as a client, but I was wondering if there are suggestions for another time client to try.  Perhaps one that can be setup as a service so it don't have to be running on the desktop all the time.

Thanks,
Mike
0
Comment
Question by:miket71
  • 5
  • 5
10 Comments
 
LVL 38

Accepted Solution

by:
younghv earned 125 total points
ID: 17813875
Hi mike71,
This should get you started: http://tf.nist.gov/service/its.htm

Post back with any specific questions.


Vic
0
 

Author Comment

by:miket71
ID: 17814130
Can this one run as a service rather than an application?
0
 
LVL 38

Expert Comment

by:younghv
ID: 17814530
Service - w32time runs as a client service.

As a general comment, a 'C' grade is the lowest possible grade you can give to someone who is trying to help.
If you have questions or need more specifics, please ask before deciding on a grade.
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 

Author Comment

by:miket71
ID: 17814554
Sorry, I don't know how to use this site very well.  I just started yesterday.
0
 

Author Comment

by:miket71
ID: 17814693
I was unable to find the download link for the software at the site provided above.  All I really want to do is setup our ISA 2004 server to allow the NTP protocol to pass though it so that it or a DC server, or ISA server, can update the correct time from outside.  I would like to make it work with a time client program that can run as a service, or use the registry to work with the w32time service.  I'm thinking that I should setup the ISA server to pull time from an external time domain, then set a DC to pull time from ISA, set the DC as a reliable source, then let all other DCs and PCs pull time updates from the reliable source DC.
0
 
LVL 38

Expert Comment

by:younghv
ID: 17814722
Try this link to MS (and let's hope this link is functional).

http://support.microsoft.com/kb/323621
0
 

Author Comment

by:miket71
ID: 17815200
The link was kind of handy.  I tried to translate the steps the best I could.  At this point, the ISA server is my roadblock.  Even though I opened the NTP protocol on it via UDP at port 123, and set it to allow a specific DC to communicate to an outside time source, the DC is still unable to do it.  I know that the ISA server doesn't allow any pinging to go throught it.  It only allows domain names to resolve to IP addresses when I ping a domain name.  I set the server to not go anywhere for time updates for now, and made it become a reliable time source for the clients and other DCs.  I'm not sure how critical it is that the main DC be able to go outside to get time updates.
0
 
LVL 38

Expert Comment

by:younghv
ID: 17815287
Warning you up front - this is a guess.

You might be able to configure your 'HOSTS' file with the IP address and URL of the outside time source.

Your HOSTS (no extension) file should be in your SYSTEM32\DRIVERS\ETC folder.

ADD: 192.168.10.1     companyweb  (enter the actual IP and company URL)
BLOCK: 127.0.0.1       badwebsite ( use the 127.0.0.0 and the actual bad site)
0
 

Author Comment

by:miket71
ID: 17815322
I thought that the hosts file only worked for static resolutions though.  When I ping time.windows.com for example, it resolves to IP, but there is no reply.  I tried adding it to the hosts file anyways just to try it, but I have the same results.
0
 
LVL 38

Expert Comment

by:younghv
ID: 17815357
As long as your DC is the time source, the critical function is being met.
Just keep an eye on the DC.

(I told you it was just a guess.)

:)
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Search also sub-folder 1 69
Accessing WinXp drive on Win10: access denied 7 108
BOSD APC_INDEX_MISMATCH - who's the culprit ? 4 52
Use CRON to save a copy of an open file 1 55
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Sometimes a user will call me frantically, explaining that something has gone wrong and they have tried everything (read - they have messed it up more and now need someone to clean up) and it still does no good, can I help them?!  Usually the standa…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question